In prior times, identity related fraud was limited to transactions where the fraudulent party was always present to perpetrate the identity fraud whether by means of forged checks, improper use of bank or credit accounts, scamming money off an unsuspecting victim or pretending to be someone other than who that person was in real life to obtain funds or perpetrate harm. Since the advent of widespread use of the internet in early 1990's, the internet has served as a platform for a variety of e-commerce venues, which allows and even encourages more participation in various aspects of digital life such as online banking, buying products from online merchants via credit cards, sending text messages to one another, interacting with others in social networks either as an user or part of a group. Consequently, crimes related to identity theft have become an increasingly serious threat with 53% of all fraud done online, representing a multi-billion dollar loss to the industry.
There are various technologies current being employed to avoid identity-related fraud online. Many require the use of a user name along with a PIN or password to access various services and databases provided online. When a higher degree of security is desired, technologies involving hardware devices such as a fingerprint reader or a USB key can be employed. Additionally, other technologies that have been utilized include but are not limited to, identifying Media Access Control (MAC) address of a device used to participate in a digitally based interaction, sniffing the IP address to confirm if the originating address is the anticipated one, determining the identity by accessing credit reporting agencies, and requesting forensic report of previous purchase discrepancies associated with the user name, data or credit card as well as manual review of purchases including outbound call centers to validate that the consumer has actually placed an order. These hardware-reliant technologies are designed to minimize or eliminate human interaction, relying instead on complex algorithms to define if an online user is actually the person he/she proclaimed to be while requiring only minimal interaction with the user him/herself to prove identity. Although these solutions offer a higher degree of security, they are cumbersome, restrictive and require a higher level of user compliance to be effective. On the other hand, the alternative of using user names, PINs, and passwords to access certain web-based applications or contents opens up vulnerabilities to services and databases. As people are constantly being required to create PINs and passwords, they may in most cases simply adopt a single PIN/password or put the PINs and passwords down in writing. PIN/password so created and/or kept may often be forgotten, misplaced, or simply lost by the user, causing a huge gap in security for any web-based system.
The foregoing examples of the related art and limitations related therewith are intended to be illustrative and not exclusive. Other limitations of the related art will become apparent upon a reading of the specification and a study of the drawings.